You are here

Blogs

Yesterday in the United States, Data Privacy Day 2019 was celebrated. On social media, tweets flew by offering tips on how to protect data against hackers. Security professionals and enthusiasts on LinkedIn discussed the topic at hand while top privacy leaders, such as the National Cyber Security Alliance Executive Director, Kelvin Coleman; Eva Velasquez, president and CEO, Identity Theft Resource Center; and CEO Larry Magid of Connect Safely, among others, convened in San Francisco for an afternoon of focused discussion about opportunities and challenges for data security moving forward.

Yes, yesterday was quite the day for data security. However, we must recognize that securing data is a 24/7, 365 day a week operation. Google “data security breach” and incident after incident will pop up … for me, it was about 117 million in .75 seconds. Recently, Ring was outed by major news outlets for Ukraine engineers and executives at Ring having “highly privileged access” to live customer camera feeds — both doorbell cameras and in-home cameras — around the world, while a NEST camera was hijacked with a voice warning a California family that three missiles from North Korea were headed to the U.S., which, of course, was not true, but I can imagine sent the family into sheer panic.

With breaches such as these, among the millions of other data breaches and exposed records in the United States alone, ADT in partnership with SIA, The Monitoring Association, Electronic Security Association, the Internet Society’s Online Trust Alliance and TrustArc are creating a new consumer privacy initiative.

“Alongside industry organizations and partners, we will be outlining privacy and ethics priorities for the industry, creating an external and internal advisory board, and updating our promise to customers: ‘At ADT we are dedicated to your safety, and helping take care of what you value and cherish most in your life: your loved ones, your property and your privacy,” ADT’s CEO, Jim DeVries, said in an internal company memo that went out to all 19,000 ADT employees and to SSN, exclusively.

In the coming months, the initiative is focused on the following key objectives, the press release said.

Adopting a set of industry-wide best practices that are customer-centric and drive transparency.

Working with dealers, partners and other industry organizations on enhanced privacy and ethical standards for our industry.

Programs focused on privacy, ethics and transparency.

ADT is also soliciting participation from other organizations who are interested in helping to drive the objectives.

On Data Privacy Day yesterday, the Security Industry Association (SIA) shared details on how it is helping member companies and the industry at large understand and manage the critical issue of protecting consumer data. Through the efforts of the SIA Data Privacy Advisory Board, the association has produced a number of essential resources for this critical issue.

SIA has taken a leading position on privacy issues for many years, having released its original Privacy Framework in 2010, and has become even more active recently, starting with the 2017 creation of the SIA Data Privacy Advisory Board. SIA is also working with companies such as ADT to bring greater awareness of the importance of data privacy.

Recently, SIA has also: • Published white papers on “Data Privacy and Security Trends for 2018” and “Big Data and Privacy for Physical Security” • Presented a webinar on “Privacy 101: The Importance of Protecting Customer Data” • Produced fact sheets, a list of references and videos on the European Union’s General Data Protection Regulation (GDPR) • Submitted comments to the National Institute of Standards and Technology on its Privacy Framework proposal • Organized a panel discussion on data privacy for an integrators’ conference

In addition, SIA is conducting a survey of its members to gauge industry opinions about data privacy and to identify future SIA activities and programs.

With the GDPR now in effect, California having passed the Consumer Privacy Act, and many members of Congress and state lawmakers considering data privacy legislation, SIA CEO Don Erickson said that the association is stressing to its members that they should get ahead of potential regulations rather than wait and react to them.

“It is vital that members of the security industry ensure that their business practices—as well as their products and services—are designed in a way that protects data and consumer privacy,” Erickson said. “One of SIA’s top priorities is helping the industry to understand that this is not just a matter of regulatory compliance, but also one of customer service and, even, business development. We are committed to providing resources and guidance that will enable them to view data privacy challenges not as a crisis but, rather, an opportunity.”

The end of early bird registration for TechSec Solutions 2019 is quickly approaching; this means only a few short days until the special rate to attend, network and learn will be increasing. Don’t let the dates sneak up. Register and mark your calendars now for February 25-26.

This year’s theme –“Securing a Connected World” – explores exciting new technologies currently being used in real-life situations to enhance security and safety, and how security professionals can leverage these same technologies to achieve their security goals. And, if sunny Florida in February in a beautiful hotel right across from the beach (yes, walking distance!) isn’t enough of an enticement, here are the top six reasons to attend:

Learn about new, currently deployed technologies and gain ideas for future projects.

Visit the exhibit hall – a dedicated space to see and interact with the latest technology and company representatives from the event’s sponsors.

Attend the Mega Panel - learn from leading industry professionals from top security associations and organizations as they give their perspective and vision for the future of security.

Network - a small, relaxed setting offers uninterrupted time for attendees to meet, greet and have conversations with speakers, manufacturers and distributors, and other security professionals to further their learning and knowledge base.

Eat, drink and be merry – delicious meals are provided along with refreshments during breaks from sessions, and make a splash at the poolside reception!

Plan on networking, learning and having some fun “like a boss” at TechSec 2019!

The role of voice within security is certainly growing, especially on the residential side of the equation, but as a recent study finds, consumers are embracing the power of the voice to control their phones, cars, homes and even security systems.

In fact, standalone voice assistants—or smart speakers—are one of the fastest-adopted technologies in U.S. history and have a 98 percent satisfaction rate among U.S. consumers, according to a new research report from Accenture based on a global survey of 22,500 consumers across 21 countries. Half of online consumers globally now use digital voice assistants, with emerging markets leading the way in adoption, the research firm found.

“Adoption and satisfaction with smart speaker technology is booming,” Robin Murdoch, co-author of the report and managing director of Accenture’s global Software and Platforms industry practice, said. “Convenience and accessible price points are helping drive increased use but maintaining this loyalty will require companies to stay relevant with consumer needs while creating and constantly renewing trust.”

The report, “Reshape to Relevance,” notes that smart speakers are disrupting the consumer technology and service ecosystems. Accenture found that 93 percent of consumers globally expect their home device purchases, such as smart TVs or computers, to be based on ease of integration with their standalone smart speaker.

The relevance of smart speakers is reflected in consumers’ expectations to use these devices for more-advanced tasks beyond routine activities like voice calling, playing music or eBooks, and accessing news, Accenture note. “They see value in voice assistants managing home security (61 percent of respondents), providing connected home automation (59 percent), paying bills and providing payment alerts (55 percent)—even making restaurant reservations (53 percent) and providing access to virtual medical advice (52 percent).

“However, trust is a potential impediment to greater adoption of smart speakers, with 41 percent of consumers citing privacy concerns and 40 percent citing security concerns with the technology. Forty-six percent of consumers believe they don’t have control of their data with voice assistants and 58 percent are more likely to re-evaluate their trust in this service by continually checking how their information is being used.”

Greg Roberts, another co-author of the report and managing director of Accenture’s North America High Tech industry practice, said, “Consumers expect their smart speakers to handle complex workloads and integrate with other products. Brands that offer advanced artificial intelligence capabilities will be well positioned for success. But to attract more customers, they will have to be transparent in how they store, use and share data. Establishing an agreed trust standard with consumers is essential.”

Accenture Research conducted an online survey of 22,500 consumers in 21 countries: Australia, Brazil, Canada, China, France, Germany, India, the Netherlands, Italy, Japan, Mexico, Poland, Portugal, Singapore, South Africa, Spain, Sweden, Switzerland, the United Arab Emirates, the United Kingdom and the United States. The sample in each country was representative of the online population. Ages of respondents ranged from 14 to over 55. The survey and related data modeling quantify consumer perceptions of digital devices, content and services, purchasing patterns, preference and trust in service providers, and the future of their connected lifestyles. The online surveys were conducted between October and November 2018.

Day number 26 … it’s the longest shutdown in U.S. history, and with approximately 800,000 federal employees out of work or working without pay, and three or more hours of wait time to clear security in some of America’s busiest airports—Atlanta, Houston, Miami and Washington—security-related vulnerabilities linger. Just by saying the U.S. is “shutdown” seems to give hackers, terrorists, criminals and such the impression that the whole country is weak and now is the time to strike.

Here’s some specific areas the shutdown is hitting security the hardest, and please clcik here to comment on the topic in our News Poll:

Government payment portals and remote access services: Sites such as NASA, the U.S. Department of Justice and the Court of Appeals, among others, are insecure or inaccessible, due to more than 80 expired TLS certificates used on .gov domains. What’s more, only 1 in 20 HTTPS servers implement the security feature that prevents visitors from making unencrypted HTTP connections to a server.As more security certificates expire during the shutdown and with furloughed IT employees not renewing them, opportunities for a security hack increase.

National cybersecurity: It seems “everyone” is furloughed…approximately half of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the employees who protect critical infrastructure, such as banking, water, energy and nuclear; 85 percent of the National Institute of Standards and Technology (NIST) employees and other IT professionals knowledgeable about the latest cyberattacks and how to deal with them most appropriately, according to CNBC.

Security operations, software patching and penetration testing are among the activities not getting done for government sites including but not limited to:• Departments of State;• Homeland Security;• Agriculture, Commerce and Housing and Urban Development;• Environmental Protection Agency;• Internal Revenue Service (IRS);• National Institute of Standards and Technology; and• National Park Service.

Weakened airport security: Not only is wait time increasing for passengers to get through security, but personal safety is quickly becoming an issue. On January 2, 2019, a Delta passenger successfully deceived TSA, sneaking a gun past agents and onto a flight headed to Tokyo from Atlanta Hartsfield-Jackson International Airport.

According to USA Today, TSA said they would “hold those responsible appropriately accountable,” as they rejected the assumption that low staffing was to blame. Either way, carelessness or low staffing, security was breached and could have led to dire consequences.

As we see the deterioration of security right before our eyes, what are you most concerned about when it comes to the partial government shutdown and security?

Creating safer schools is a major dilemma facing our nation today, but thankfully it is one that some of the best minds are coming together to solve. The Partner Alliance for Safer Schools (PASS) has taken a major step by creating safety and security guidelines and standards of practice that all schools can turn to and follow, guidelines and standards that come from lessons learned from past tragedies and ones that were averted, and from experiences and expertise from leaders in security and education, and from parents and students.

The fourth edition of its Safety and Security Guidelines for K-12 Schools provides school administrators, school boards and public safety and security professionals with guidelines for implementing a layered and tiered approach to securing and enhancing the safety of school environments.

Guy Grace Jr., PASS chairman and director of security and emergency planning for Littleton Public Schools, is leading this effort. The Security Industry Association (SIA) named Grace as the 2018 recipient of the SIA Insightful Practitioner Award, an honor recognizing excellence in promoting the implementation of innovative security solutions.

Grace began providing district services to LPS in 1990 and was soon promoted to patrolman, then lead officer and security facilitator before assuming his current role. He has created and assisted with developing many security-related projects, protocols and practices used today in school safety for both LPS and other school districts.

“The safety and security challenges schools face today are more multifaceted and complex than ever before, and protecting students and staff requires a comprehensive approach to these challenges,” Grace said in the announcement of the new PASS standards. “We are proud to build on the PASS guidelines, which present the most comprehensive information available on best practices for securing school facilities, an essential component supporting all-hazards approaches to school safety.”

The fourth edition of the guidelines is completely revised under a simplified structure and greatly expanded to now cover best practices on a district-wide level that relate to safety and security and additional areas such as school transportation, cybersecurity and network infrastructure, architectural features and emergency communications.

The PASS Guidelines identify and classify best practices for securing K-12 facilities in response to urgent needs for information identified by the education community. The guidelines aim to answer two key questions – “What should we do?” and “How do we prioritize?” – and include:

• Specific actions that can effectively raise the baseline of security;• Vetted security practices specific to K-12 environments;• Objective, reliable information on available safety and security technology;• Assessment of current security measures against nationwide best practices;• Multiple options for addressing security needs identified; and• How to distinguish needed and effective solutions from sales pitches on unnecessary products.

The guidelines describe approaches within five physical layers for school facilities: district-wide, the property perimeter, the parking lot perimeter, the building perimeter and the classroom/interior perimeter. Within each layer, the resource outlines key safety and security components, such as policies and procedures, people (roles and training), architectural components, communication, access control, video surveillance and detection and alarms.

“We believe this approach provides a simplified way for administrators to effectively evaluate their security infrastructure, prioritize investment and maximize security in ways that are consistent with longstanding security practices and ensure a baseline of facility security measures appropriate for school facilities,” Mark Williams, PASS vice chairman, said in the press release.

Established in 2014, PASS brings together expertise from the education community, law enforcement and the security industry to develop and support a coordinated approach that can assist school administrators in making effective use of proven security practices specific to K-12 environments, including elementary, middle and high schools.

The latest guidelines are available at no cost on the PASS website, and PASS encourages education professionals, public safety personnel and security solutions providers to take advantage of these free resources.

It’s good to see registration is open for the second annual Cyber:Secured Forum, and that it’s in my “neck of the woods.” The Westin Dallas Park Central will welcome this conference that helps connect cybersecurity, physical security and systems integration, hosted by ISC Security Events, PSA Security Network and the Security Industry Association (SIA). It’s to be held July 29-31, one of the hottest times in Dallas might I add, so plan on drinking lots of water! Hydration is key during our hot, Texas summers.

(Tip: Walk or Uber over to the Circle K convenience store at 12950 Coit Rd., which is right beside the Westin, and buy water for your hotel room. Usually our convenience stores will have 2 bottles for $2, or some sort of sell.)

According to the SIA website, attendees can look forward to topics including global cybercrime trends, tools and technology for better cybersecurity of physical security systems, monetizing cybersecurity services, cyber-hardening of security systems and more, presented by IT and physical security professionals. The goals of the conference are to connect and share information on risks and liabilities, learn how to respond to cybersecurity threats and work toward establishing security control standards across IT systems.

Plan on attending the July 29th welcome reception, plugging into sessions and strolling around the exhibits displaying various solutions related to cybersecurity, and don’t forget to find me buzzing around. In fact, reach out now, [email protected], and let’s get something on the calendar – a booth visit, coffee, lunch – I’m open to pretty much anything. And of course, I can help you figure out the best places to eat and visit during your stay in Dallas.

I’m excited to attend the forum, meet with you, learn more about cybersecurity trends and what’s going on in that world, and how cyber and physical are successfully merging to keep people and infrastructure safe.

ADS Security, a regional electronic security and automation company based in Nashville, Tenn., has revealed they surpassed $4 million in RMR in 2018, including a record-setting eight companies in 2018, surpassing the previous record of seven acquisitions in 2016.

ADS achieved this mark through strong organic growth driven by a focus on providing legendary service and by maintaining a large acquisition pipeline.

“2018 was the best year in ADS’s history,” John Cerasuolo, president and CEO, swaid in the announcement. “We have built a strong culture and team of people who care about providing legendary service to our customers and to the security company owners we acquire. We are not slowing down and expect 2019 to be another record-setting year.”

After its inception in 1990, ADS achieved $2 million in RMR in 2012 and now has doubled that monthly revenue in about a quarter of the time. ADS Security’s $4 million in RMR is made up of more than 100,000 residential and commercial customer sites spread over 25 branch locations throughout the southeastern United States.

With a UL-listed monitoring center located in Nashville, ADS Security offers a full range of burglar, fire alarm, video surveillance, access control, and automation systems.

Cerasuolo told Security Systems News after the company’s latest acquisition back in December, that he us excited for similar growth in 2019.

“We have very high expectations for 2019. We’ve got a good number of deals that are in various stages along the process. So, we expect to come out of the gate pretty strong in 2019, in terms and acquisitions,” he said. “There’s no reason not to expect that we’ll have similar kind of results in [2019] that we had this year.”

Look around in any public place, be it a hospital, stadium, park, retail outlet, bank and even on the shoulders of police officers, and you are likely to see at least one video camera. This sophisticated piece of equipment is recording and retaining data on the activities in its coverage area to ensure safety to people and infrastructure. Over the past 10 years, video cameras and surveillance systems have become a permanent fixture, perhaps so much so that some people don’t even realize the presence of cameras, and according to BIS Research, there is no evidence of this trend slowing down.

BIS recently released a new market intelligence report, “Global Video Surveillance Market – Analysis and Forecast, 2018-2023,” indicating the global video surveillance market is estimated to grow over $77.21 billion by 2023. This increase is driven by the rising demand for IP cameras, video content analytics (VCA) and Video Surveillance as a Service (VSaas) to help mitigate rising security concerns as well as the need for the security industry to provide highly efficient, time-saving surveillance systems at an affordable price, pointed out by BIS in their press release.

BIS also noted the camera market seems to be acquiring major market share within the video surveillance industry as seen by a proliferation of IP camera-based surveillance systems in response to increased consumer demand for more physical security.

Taking a global look with BIS, Asia-Pacific (APAC) led the global video surveillance market last year and is expected to maintain dominance within this five-year time frame, accounting for approximately 41.5% of net revenue generated by video surveillance equipment, in addition to enormous investments in future security-related projects in India and China. A rise in video surveillance demands is also expected from Europe, specifically from the UK and Germany.

The majority of end-users seek three important aspects when deploying a video surveillance system—cost effectiveness, increased safety and convenience. To fulfill these three demands and create a robust surveillance system, in my opinion, IP cameras, intelligent video analytics, video management systems (VMS), VCS and VSaaS must be incorporated.

Of course, with such technology comes issues of concern. Let’s discuss data protection, data surveillance laws, unskilled security professionals and more:• Do you believe the industry is creating ways to protect the data produced by the high-capacity storage required by IP-based video surveillance systems?• Do you feel there is a lack of data surveillance laws? If so, what laws should we consider passing?• Do you think there is a shortage of skilled security professionals available to manage the operation and software of IP-based surveillance systems?• According to this report’s executive summary – “Cameras are the most important part of any surveillance system.” Do you find this statement to true or false, and why?

I look forward to receiving your thoughts and opinions to get the conversation started, and to continue to explore the rapidly growing and expanding world of video surveillance.

ASSA ABLOY recently announced its new Preferred Installer program to help streamline deployments for installers and systems integrators.

Building on decades of experience in the higher education market, ASSA ABLOY has developed a national network of Intertek certified hardware installers who are highly skilled in providing physical installation of its integrated electronic locking devices.

“Systems integrators, who often face staff shortages, can take advantage of this network of installers to maximize their efficiency,” the company said in the announcement, noting that the ability to outsource this skill helps improve productivity, ensure a quality installation, and create a competitive advantage. “What’s more, when contracted through ASSA ABLOY, an additional year of warranty is provided for products installed by Preferred Installers. This program also helps end-users meet their deadlines, provides peace of mind with high-quality installations, and protects their investment with an extended warranty.”

“We have attended many a training class, and this is hands down the only class offered that is truly a hands-on course with an instructor that is more than qualified to teach,” Chad Smith, chief of operations at ACME Security Solutions, LLC, said in the announcement. “We had an amazing learning experience, and this is all owed to the instructor, who took this training above and beyond our expectations.”

ASSA ABLOY Preferred Installers are third-party certified by Intertek, which means the technicians are qualified to field prep Warnock Hersey labeled fire doors for the installation of specific ASSA ABLOY integrated locks and accessories while retaining the door’s fire resistance rating and compliance with NFPA 80. In addition, Intertek Qualified Personnel may apply supplemental serialized labels to doors they’ve prepped and after ASSA ABLOY hardware has been installed. This signifies to Authorities Having Jurisdiction and Fire Door Inspectors that the installation was completed in accordance with NFPA guidelines.

“The Intertek Qualified Personnel (IQP) ASSA ABLOY Hardware Installer program provides assurance that personnel conducting work in the field are fully qualified and that the work is done correctly each and every time,” Justin Hendricks, program manager - Openings Building & Construction, Intertek. “Participation in the program is also crucial to maintaining the door’s Intertek fire resistance rating and subsequent compliance with NFPA 80 guidelines.”

Lester LaPierre, director of business development, Electronic Access Control, ASSA ABLOY Door Security Solutions added: “ASSA ABLOY has provided installation services for many years across the country at our largest installations incorporating thousands of electronic access control locksets. We’ve learned that the outcome of each of those projects was quality workmanship and high productivity. This resulted in timelines being met, site issues and product returns being reduced, and, most importantly, satisfied integrators, general contractors, and end users. That’s why we’re expanding and formalizing this program so those same benefits can be applied across all opportunities.”

ASSA ABLOY Certified Integrators interested in using a Preferred Installer can simply log on to the Partner Area of www.IntelligentOpenings.com to find the Installation Services Quote Request form to begin the process. For dedicated hardware installation professionals interested in joining the ASSA ABLOY Preferred Installer network, please contact Lester LaPierre ([email protected]).